State Space Reduction in the Maude-NRL Protocol Analyzer

Authors:
Santiago Escobar;Catherine Meadows;José Meseguer
Affiliations:
Universidad Politécnica de Valencia, Spain;Naval Research Laboratory, Washington, USA;University of Illinois at Urbana-Champaign, USA
Venue:
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Year:
2008

Citing 10
Cited 2

Conditional rewriting logic as a unified model of concurrency

Selected papers of the Second Workshop on Concurrency and compositionality
Strand spaces: proving security protocols correct

Journal of Computer Security
C Programming

Dr. Dobb's Journal
Membership algebra as a logical framework for equational specification

WADT '97 Selected papers from the 12th International Workshop on Recent Trends in Algebraic Development Techniques
Efficient Finite-State Analysis for Large Security Protocols

CSFW '98 Proceedings of the 11th IEEE workshop on Computer Security Foundations
A rewriting-based inference system for the NRL Protocol analyzer and its meta-logical properties

Theoretical Computer Science - Automated reasoning for security protocol analysis
Symbolic reachability analysis using narrowing and its application to verification of cryptographic protocols

Higher-Order and Symbolic Computation
Equational Cryptographic Reasoning in the Maude-NRL Protocol Analyzer

Electronic Notes in Theoretical Computer Science (ENTCS)
Effectively Checking the Finite Variant Property

RTA '08 Proceedings of the 19th international conference on Rewriting Techniques and Applications
Symbolic model checking of infinite-state systems using narrowing

RTA'07 Proceedings of the 18th international conference on Term rewriting and applications

Teaching Formal Methods Based on Rewriting Logic and Maude

TFM '09 Proceedings of the 2nd International Conference on Teaching Formal Methods
YAPA: A Generic Tool for Computing Intruder Knowledge

ACM Transactions on Computational Logic (TOCL)

Quantified Score

Hi-index	0.02

Visualization

Abstract

The Maude-NRL Protocol Analyzer (Maude-NPA) is a tool and inference system for reasoning about the security of cryptographic protocols in which the cryptosystems satisfy different equational properties. It both extends and provides a formal framework for the original NRL Protocol Analyzer, which supported equational reasoning in a more limited way. Maude-NPA supports a wide variety of algebraic properties that includes many crypto-systems of interest such as, for example, one-time pads and Diffie-Hellman. Maude-NPA, like the original NPA, looks for attacks by searching backwards from an insecure attack state, and assumes an unbounded number of sessions. Because of the unbounded number of sessions and the support for different equational theories, it is necessary to develop ways of reducing the search space and avoiding infinite search paths. As a result, we have developed a number of state space reduction techniques. In order for the techniques to prove useful, they need not only to speed up the search, but should not violate soundness so that failure to find attacks still guarantees security. In this paper we describe the state space reduction techniques we use. We also provide soundness proofs, and experimental evaluations of their effect on the performance of Maude-NPA.